Coronavirus and Remote Working: Security Issues

Home  »  Blog  »  Cyber Security  »  Coronavirus and...

By Bill Minahan   |   March 6, 2020   |   0 Comments

Coronavirus and Remote Working: How the Virus Could Affect Your Business

Coronavirus and remote working

The coronavirus is a contagious disease that is spreading around the globe which has caused a number of organizations to implement remote working. There have been over 425,600 cases since the end of December 2019. The coronavirus has impacted business and the global economy.

As more businesses direct employees to work from home because of the coronavirus, security issues are arising. Few organizations feel prepared for large-scale remote work, but you can take steps to strengthen your policies and prepare for security issues that accompany remote work.

What is Coronavirus?

Coronaviruses (CoV) are a large family of viruses that cause illnesses ranging from the common cold to more serious diseases. A novel coronavirus (nCoV) is a new strain that has not been previously identified in humans.

The current novel coronavirus (COVID-19) outbreak is currently spreading around the globe. It was first reported in Wuhan, China, On December 31, 2019. Since then, it has been detected in at least 168 countries and has sickened more than 425,600 people.

As of March 25, 2020, there have been at least 19,301 deaths, all but half in mainland China. In the United States, there have been 53,852 confirmed cases of the coronavirus and 728 deaths.

How does Coronavirus spread?

The coronavirus can be transmitted between animals and people. Animals are the source of the virus; however, COVID-19 is now spreading from one person to another (human-to-human transmission).

People can catch the virus from others who have the virus. The disease can spread from person to person through small droplets from the nose or mouth which spread when a person who is infected coughs or exhales.

These droplets land on objects and surfaces around the person. Other people then catch the virus by touching these objects or surfaces, then touching their eyes, nose, or mouth. You can also catch the coronavirus from breathing in droplets from an infected person who coughs out or exhales droplets.

As a result, it’s important to stay more than 1 meter (3 feet) away from a person who is sick.

Will Coronavirus impact business?

The spread of the coronavirus could impact your business. The coronavirus outbreak has disrupted the stock markets and supply chains around the world.

Economists say a pandemic could clearly cause a recession in the United States. However, for that to happen the effects would have to be felt beyond manufacturing, tourism, and other industries directly impacted by the disease.

The coronavirus is evolving and it’s hard to predict with any certainty the full extent of the economic impact.

However, it has already impacted people’s day to day lives, as many businesses near outbreaks have required self-imposed quarantine to stop the spread of the coronavirus.

Businesses who have had employees travel to China, Japan, Italy, or any of the other countries that are currently experiencing outbreaks, are requiring said employees to work remotely for at least 2 weeks before returning to business as normal.

Furthermore, many big-name companies have taken strides to stop the spread. Google’s headquarters in Dublin has sent out an injunction to its 8,000 employees to work from home as a precaution against the virus.

Additionally, Twitter has publicly urged its global staff of 5,000 people to work from home.

Amazon, Microsoft, and dozens of other companies on the west coast are enforcing remote work policies to minimize the spread of the coronavirus.

However, many organizations don’t feel well prepared to have employees work remotely on such a large scale. Read on to learn about the risks associated with working from home and how you can solve them.

Remote working security risks during Coronavirus outbreak

The business world is currently being forced into the largest remote working experiment as a result of the coronavirus. Consequently, many organizations are struggling to implement remote working policies and carry out their business contingency plans.

In many affected countries, governments have mandated or recommended remote working for all employees. As a result, organizations have had to quickly review and modify existing policies.

One of the biggest threats surrounding remote working is the security issues that arise from individuals accessing corporate data remotely. The underlying threat is the inability to properly enforce security measures.

Remote working requires management trust that employees will abide by security policies and controls.

Specifically, here are some of the biggest security threats of remote working during the coronavirus outbreak:

Accessing corporate data through unsafe Wi-Fi networks

  • Employees could be accessing corporate data through their home wireless network or through an unsecured public Wi-Fi. Unfortunately, if that’s the case, malicious actors can easily spy on and collect confidential data. As a result, it’s important to communicate network security risks and policies to your employees so they know exactly what network they should and should not connect to. Read about the security risks of remote working while using public Wi-Fi here.

Utilizing new tools

  • As the coronavirus outbreak continues, businesses will have to transfer communications and activities usually done on-site (Meetings, demos, usual activities) to online. As you may already know when you move from the security of on-site to online, your attack surface increases as well as your vulnerabilities. For example, in a conventional setting, you would most likely have meetings securely in a conference room. However, due to the virus outbreak, these meetings will have to take place online. As a result, employees must utilize new tools and software that they may not be familiar with. If they aren’t familiar with the software, then they may not know how to use it securely which could create security issues.

Increased likelihood of threat

  • Most organizations are publicly announcing their remote-working policies. On the one hand, it makes for good publicity. It shows the organization cares about minimizing risk to its employees. However, on the other hand, it could make them a target for opportunistic attackers. When an organization shares that it is enforcing work-from-home policies because of the coronavirus outbreak, they are essentially sharing with cyber criminals that they have an influx of employees who may be accessing corporate data in an insecure way, such as over a public network or on a personal device. As a result, it’s a sign that these employees might be more vulnerable to a cyber attack.

Remote working security solutions

As a business owner, the widespread outbreak is out of your hands. However, you still can take steps to create a safe and productive work environment for your employees. If the outbreak reaches a point where you must establish a company-wide work-from-home policy, then you should be prepared.

Here is a list of steps you can take to ensure your employees are safely working from home:

Utilize a VPN

  • A VPN will encrypt and secure all your internal and cloud-based resources. It allows you to protect cloud environments, servers, and company databases. Computers, smartphones, tablets, servers, and even some IoT devices can utilize a VPN connection. As long as your workers must work remotely due to the outbreak, a VPN is a must.

Multifactor authentication

  • Your entire company should be utilizing multifactor authentication. Authentication practices are especially important for remote workers. Unlike employees who access your organization’s network on site, who have to go through physical security controls to get to their computer, remote workers simply need an internet connection and the right credentials. As a result, your employees should have multifactor authentication enabled every time they access your network.

Web Content Filtering

  • If your employees are working remotely, then they may be more likely to click on a malicious link. Social engineering tricks can be harder to catch when you are not in your usual professional atmosphere. Furthermore, gaps in communication can occur when co-workers are cut-off from each other. For instance, a malicious actor could be using a domain spoof to disguise themselves as a co-worker. In a conventional setting, an employee might reach out in person to confirm a request if it seemed unusual. However, if not given the convenience of walking down the hall or a quick phone call to confirm, employees might fall for social engineering traps. As a result, it’s important to enable web content filtering that will block employees from malicious sites.

Written security policies

  • If your company must enable a work-from-home policy, then it’s important to write out security policies before implementing remote working. In your list of written policies, your IT team should cover all the bases in terms of network security, social engineering attacks, authentication methods, and software/ tool utilization and training. If your organization has already begun implementing remote working in the wake of the coronavirus, it’s not too late to create and enforce written security policies to ensure the safety of your corporate data and network.

If your organization needs assistance in creating and implementing security policies, our security analysts can help you get started. The World Health Organization (WHO) has described the risk of the coronavirus as “very high”.

The last thing you want is your organization scrambling to enforce and document remote working policies last minute. Your organization should prepare to securely establish remote working if the outbreak reaches the area surrounding your physical office.

The coronavirus may force your organization to implement remote working. If it does, then you should be ready.

If you need assistance establishing a VPN, enabling multifactor authentication, or writing thorough security policies that cover all the bases, then schedule a free meeting with one of our analysts to get started.

Schedule a Meeting

Finally, you can always find us on Twitter, LinkedIn, and Facebook.

Category: Cyber Security